We present a model of fixing or patching a software problem after the product has been released in the market. Specifically, we model a software firm's trade-off in releasing a buggy product early and investments in fixing it later. Just as the marginal cost of producing software can be...

Software vulnerabilities represent a serious threat to cybersecurity, most cyberattacks exploit known vulnerabilities. Unfortunately, there is no agreed-upon policy for their disclosure. Disclosure policy (which sets a protected period given to a vendor to release the patch for the...

We present an economic model of fixing or patching a software problem after the product has been released in the market. Specifically, we model a software firm’s trade-off in releasing a buggy product early and investments in fixing it later. We first show that patching investments and time to...

We empirically estimate the effect of competition on vendor patching of software defects by exploiting variation in number of vendors that share a common flaw or common vulnerabilities. We distinguish between two effects: the direct competition effect when vendors in the same market share a...

We present a model of fixing or patching a software problem after the product has been released in the market. Specifically, we model a software firm's trade-off in releasing a buggy product early and investments in fixing it later. Just as the marginal cost of producing software can be...

Software vulnerabilities represent a serious threat to cyber security: most cyber-attacks exploit known vulnerabilities. Unfortunately, there is no agreed-upon policy for their disclosure. Disclosure policy (protected period given to a vendor to patch the vulnerability) indirectly affects the...